CVE-2022-2310

Skyhigh SWG Authentication bypass vulnerability

Severity Score: 9.8 (CVSS v3.1)
Exploit Likelihood (EPSS):
Affected Versions (CPE):
Public Exploits: 0 (Multiple Sources)
Exploited in Wild (KEV): -
Decision (SSVC): -

Descriptions

An authentication bypass vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.12, 9.x prior to 9.2.23, 8.x prior to 8.2.28, and controlled release 11.x prior to 11.2.1 allows a remote attacker to bypass authentication into the administration User Interface. This is possible because of SWG incorrectly whitelisting authentication bypass methods and using a weak crypto password. This can lead to the attacker logging into the SWG admin interface, without valid credentials, as the super user with complete control over the SWG.

*Credits: N/A
CVSS Scores
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2022-07-05 CVE Reserved
  • 2022-07-27 CVE Published
  • 2024-08-03 CVE Updated
  • 2024-10-18 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-290: Authentication Bypass by Spoofing
CAPEC
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
Skyhighsecurity | Secure Web Gateway | >= 8.0.0 < 8.2.28 | - | Affected
Skyhighsecurity | Secure Web Gateway | >= 9.0.0 < 9.2.23 | - | Affected
Skyhighsecurity | Secure Web Gateway | >= 10.0.0 < 10.2.12 | - | Affected
Skyhighsecurity | Secure Web Gateway | >= 11.0.0 < 11.2.1 | - | Affected